Most current real-world computer security effort focuses on external threats, and generally treats the computer system itself as a trusted system.
Many knowledgeable observers consider this a disastrous mistake, and point out that this distinction is the cause of much of the insecurity of current computer systems -- once an attacker has subverted one part of a system without fine-grained security, he or she usually has access to most or all of the features of that system. Because computer systems are very complex, and cannot be guaranteed to be free of defects, this security stance tends to produce insecure systems.
In particular, this approach has been predominant in the design of many Microsoft software products, due to the long-standing Microsoft policy of emphazing functionality and 'ease of use' over security. Microsoft claims that this is the result of consumer choice. Since Microsoft products currently dominate the desktop and home computing markets, this has led to unfortunate effects. However, the problems described here derive from the security stance taken by software and hardware vendors generally, rather than any technical or moral failing of a single vendor. Microsoft is not out of line in this respect, just more prominent, and its mistakes more pervasive.
Severe financial damage has been caused by computer security breaches, but estimating reliable costs is quite difficult. Figures in the billions of dollars have been quoted in relation to the damage caused by computer worms like Code Red[?], but such estimates are likely exaggerated. However, other losses, such as those caused by the compromise of credit card information, can be more easily determined, and they have been substantial.
There are many similarities (yet many fundamental differences) between computer and physical security.
Just like real-world security, the motivations for breaches of computer security vary between attackers, sometimes called hackers or crackers. Some are teenage thrill-seekers or vandals (the kind often responsible for defacing web sites); similarly, some web site defacements[?] are done to make political statements. However, some attackers are highly skilled and motivated with the goal of compromising computers for financial gain or espionage. An example of the latter is Marcus Wolf who spied for the KGB and was ultimately caught because of the efforts of Clifford Stoll, who wrote and amusing and accurate book, The Cuckoo's Egg about his experiences. For those seeking to prevent security breaches, the first step is usually to attempt to identify what might motivate an attack on the system, how much the continued operation and information security of the system are worth, and who might be motivated to breach it. The precautions required for a home PC are very different for those of banks' internet banking system[?], and different again for a classified military network. Other computer security writers suggest that, since an attacker using a network need know nothing about you or what you have on your computer, attacker motivation is inherently impossible to determine beyod guessing. If true, blocking all possible attacks is the only plausible action to take.
To understand something about techniques for securing a computer system, it is important to first understand the various types of "attacks" that can be made against it. These threats can typically be classified into a number of categories:
Computer code is regarded by some as just a form of mathematics. It is theoretically possible to prove[?] the correctness[?] of computer programs (within very limited circumstances) though the likelihood of actually achieving this in large-scale practical systems is regarded as unlikely in the extreme by most with practical experience in the industry -- see Bruce Schneier et al.
It's also possible to protect messages in transit (ie, communications) by means of cryptography. One method of encryption -- the one-time pad -- has been proven to be unbreakable when correctly used. Unfortunately it's very difficult to use properly, and highly inconvenient as well. Other methods of encryption, while breakable in theory, are often virtually impossible to directly break by any means publicly known today. Breaking them requires some non-cryptographic input, such as a stolen key, stolen plaintext (at either end of the transmission), or some other extra cryptanalytic information.
Social engineering and physical attacks can only be prevented by non-computer means, which are very difficult to enforce. Even in a highly disciplined environment, such as in military organizations, social engineering attacks are still difficult to prevent.
In practice, only a small fraction of computer program code is mathematically proven, or even goes through extensive security audits[?], so it's usually possible for a determined cracker to read, copy, alter or destroy data in well secured computers. You can reduce a cracker's chances by keeping your systems up to date, using a security scanner[?] or/and hiring competent people responsible for security. The effects of data loss/damage can be reduced by careful backing up[?] and insurance.
Computer security may be generally accomplished by three distinct processes: 1) Prevention, 2) Detection, and 3) Response. Firewalls are by far the most common prevention systems from a network security perspective as they can (if properly configured) block packet types and in so doing prevent some attacks. Access controls[?] and cryptography can protect systems and data, respectively. IDS or Intrustion Detection Systems[?] are designed to detect network attacks in progress and/or assist in post-attack forensics, while audit trails[?] and logs[?] serve a similar function for individual systems. "Response" is necessarily defined by the security requirements of an individual system and may cover the range from complete destruction of the system to notification of legal authorities, counter-attacks, and the like.
Today, computer security comprises mainly "preventive" measures, like firewalls or an Exit Procedure. We could liken a firewall to the building of a good fence around your warehouse. Firewalls are common amongst meachines that are permanently connected to the Internet (though not universal, as demonstrated by the large numbers of machines "cracked" by worms like Code Red[?] which would have been protected by a properly-configured firewall). However, fewer organisations maintaining computer systems operate effective detection systems, and fewer still have organised response mechanisms in place.
Responding forcefully to attempted security breaches (in the manner that one would for attempted physical security breaches) is often very difficult for a variety of reasons:
|
Computer security is a highly complex field, and is relatively immature. The ever-greater amounts of money dependent on electronic information make protecting it a growing industry and an active research topic.
There is an extensive culture associated with electronic security; see electronic underground community.
See also cryptology, cryptography, defensive programming, full disclosure, physical security, hacking, Security engineering
Search Encyclopedia
|
Featured Article
|